
Re: Resolving groups (neophyte question)



Try this:
ldapsearch -v -L -s sub  -b 'o=mirapoint.com' -h ugh 'dn=uid=bryan,ou=People, o=mirapoint.com'

(Note the dn=uid=...)

Probably a more efficient way would be to make the scope
same (-s same?) and the base DN be your member's DN
(i.e. -b 'uid=bryan,ou=People, o=mirapoint.com') and
your filter (objectclass=*) or (objectclass=inetorgperson) or
whatever is appropriate.

-Jeff
 
 

"Philip A. Prindeville" wrote:

Mark Wilcox wrote:
>
> Hi,
> try a filter like this
> (uniquemember=uid=bryan*)
>
> btw inetOrgperson is a standard object class.
>
> Mark

You've misunderstood what I was trying to do.  I've already
gotten the uniquemember attributes of a group.  Now I want to
search the directory for those person (or whatever subclass)
records that I got back in the original query.

My question is, given that the 'uniquemember' field supposedly
contains a DN, why can't I search based on that value (as a
filter)?

-Philip

> -----Original Message-----
> From: Philip A. Prindeville <philipp@mirapoint.com>
> To: openldap-general@OpenLDAP.org <openldap-general@OpenLDAP.org>
> Date: Monday, June 07, 1999 6:19 PM
> Subject: Resolving groups (neophyte question)
>
> >I have a question regarding resolving lists (groups).  If I have a group
> >that
> >looks like:
> >
> >% ldapsearch -v -L -s sub -b 'o=mirapoint.com' -h ugh "cn=Software
> >Engineers"
> >ldap_init( ugh, 0 )
> >filter pattern: cn=Software Engineers
> >returning: ALL
> >filter is: (cn=Software Engineers)
> >dn: cn=Software Engineers,ou=Groups, o=mirapoint.com
> >objectclass: top
> >objectclass: groupofuniquenames
> >cn: Software Engineers
> >creatorsname:
> >uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
> >createtimestamp: 19990603220646Z
> >uniquemember: uid=bryan,ou=People, o=mirapoint.com
> >uniquemember: uid=philipp,ou=People, o=mirapoint.com
> >uniquemember: uid=btaylor,ou=People, o=mirapoint.com
> >description: Hackers
> >modifiersname:
> >uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
> >modifytimestamp: 19990603220951Z
> >1 matches
> >
> >and I try to search on the returned DNs in the uniquemember attribute
> >field,
> >then the search always fails:
> >
> >ldapsearch -v -L -s sub -D 'cn=Directory Manager' -w 'directory' -b
> >'o=mirapoint.com' -h ugh 'uid=bryan,ou=People,o=mirapoint.com'
> >putois% ldapsearch -v -L -s sub  -b 'o=mirapoint.com' -h ugh
> >'uid=bryan,ou=People, o=mirapoint.com'
> >ldap_init( ugh, 0 )
> >filter pattern: uid=bryan,ou=People,o=mirapoint.com
> >returning: ALL
> >filter is: (uid=bryan,ou=People,o=mirapoint.com)
> >0 matches
> >
> >But if I search on just "uid=bryan" then it finds the person record just
> >
> >fine.  Actually it's an inetOrgPerson since I'm using the Netscape
> >directory server.
> >
> >No doubt I'm missing something obvious.  I just don't know what.
> >
> >Someone want to help me out here?
> >
> >Thanks,
> >
> >-Philip
> >
> >
> >
> >

-- 
 Jeff Clowser               
 mailto:jclowser@aerotek.com       Hanover MD  21076 USA
 Phone: (410)-579-4328             7312 Parkway Drive
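
The per-member lookup suggested in the reply above, as an added example that is not part of the original message: each uniquemember DN becomes the search base of its own query, using `base`, the ldapsearch scope keyword for reading only the base entry. The function names, the LDAPSEARCH override and the folded sample line are assumptions made for this sketch; the host `ugh` and the `-L`, `-s`, `-b`, `-h` flags are the ones used in the thread.

```shell
#!/bin/sh
# Constructed sample: the group entry from the thread as LDIF, with one
# member value folded (LDIF continuation lines start with a single space).
sample_group_ldif() {
cat <<'EOF'
dn: cn=Software Engineers,ou=Groups, o=mirapoint.com
objectclass: top
objectclass: groupofuniquenames
cn: Software Engineers
uniquemember: uid=bryan,ou=People, o=mirapoint.com
uniquemember: uid=philipp,ou=People,
  o=mirapoint.com
uniquemember: uid=btaylor,ou=People, o=mirapoint.com
description: Hackers
EOF
}

# Read LDIF on stdin, print one uniquemember DN per line.
# Folded lines are rejoined; base64 values ("uniquemember::") are skipped.
member_dns() {
  awk '
    function emit() {
      if (tolower(cur) ~ /^uniquemember:[^:]/) {
        sub(/^[^:]*: */, "", cur)
        print cur
      }
    }
    /^ / { cur = cur substr($0, 2); next }
         { emit(); cur = $0 }
    END  { emit() }
  '
}

# Read group LDIF on stdin and look up each member entry on host $1.
# The DN is passed as the search base with base scope; it is never spliced
# into the filter, so it needs no filter escaping.
# LDAPSEARCH (hypothetical override) lets a dry-run command stand in.
resolve_members() {
  host=$1
  member_dns | while IFS= read -r dn; do
    "${LDAPSEARCH:-ldapsearch}" -L -s base -b "$dn" -h "$host" \
      '(objectclass=*)' </dev/null
  done
}
```

To use it, pipe the output of the group search from the thread into `resolve_members ugh`.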